PyDFIR / pyDFIRRamLinks
PyDFIRRam is a Python library leveraging Volatility 3 to simplify and enhance memory forensics. It streamlines the research, parsing, and analysis of memory dumps, allowing users to focus on data rather than commands.
☆25Updated 9 months ago
Alternatives and similar repositories for pyDFIRRam
Users that are interested in pyDFIRRam are comparing it to the libraries listed below
Sorting:
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated last month
- ☆24Updated 4 months ago
- Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs…☆53Updated 2 months ago
- Shellcode loader based on indirect syscall☆22Updated 4 months ago
- Lena's scripts/code/resources for malware analysis☆27Updated last year
- Configuration Extractors for Malware☆106Updated 2 months ago
- DFIR ORC PARSER PROJECT☆25Updated 4 months ago
- ☆124Updated 2 weeks ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆124Updated last year
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆19Updated 5 months ago
- Ansible + Vagrant + Hyper-V + Vulnerable AD 😎☆92Updated 10 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆105Updated 3 months ago
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), a…☆51Updated 3 months ago
- Powershell Linter☆61Updated last week
- RDE1 (Rusty Data Exfiltrator) is client and server tool allowing auditor to extract files from DNS and HTTPS protocols written in Rust. �…☆40Updated 2 months ago
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn…☆33Updated 10 months ago
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆34Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆151Updated 9 months ago
- Modular framework for automating triaging, malware analysis, and analyst workflows☆41Updated last month
- ☆37Updated last year
- ☆20Updated last year
- Cheat sheet to detect and remove linux kernel rootkit☆67Updated 6 months ago
- This is a fully automated Active directory Lab made with the purpose to reduce the hustle of creating it manually.☆93Updated last year
- DFIR project to collect and analyze events in Google Workspace☆13Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆80Updated 9 months ago
- ☆40Updated 6 months ago
- VM Lab for security☆9Updated last year
- ☆81Updated 7 months ago
- linikatz is a tool to attack AD on UNIX☆148Updated last year
- A collection of tools that I use in CTF's or for assessments☆100Updated 4 months ago